Identity Theft: Consumer Perception Versus Reality

Information about the threats of identity theft seem to be everywhere -- media headlines, websites, billboards, television ads, and your financial institution has probably warned its customers of the problem.

The real question is â€“ how bad is the problem? When you compare studies and reports, it can yield confusing results. One study says itâ€™s going up, another study says itâ€™s flat. From the point of Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, identity theft or the threat of it happening to a consumer is more about the consumerâ€™s perception rather than the real numbers of identity theft.

Yes, there are individuals across the globe becoming victims of identity theft as you read this sentence. But the â€œrealâ€ kind of identity theft, where another person assumes a victimâ€™s entire identity, â€œIs not as large of a percentage as people think,â€ Ponemon said.

Financial institutions and other companies that hold consumer credit information, â€œare doing better job at detecting this type of fraud. Itâ€™s not growing at the exponential rate, but rather growing at linear rate,â€ he noted.

The other kind of identity theft, financial account takeover or credit card or debit card takeoverâ€”is growing, and it is exponential, he said. One example of this exponential growth is the TJX data breach where more than 45 million customers were affected.

However, Ponemon said he is more concerned with the level of consumersâ€™ fears of identity theft and the overall perception of the issue. â€œFear of identity theft is also growing at exponential rate. People are reading about identity theft, and are becoming more afraid of what or who is out there waiting to snatch their identity,â€ he said.

â€œThis is paralyzing people, they donâ€™t want to use online services such as online banking.
The perception is a lot worse than it actually is,â€ he said. The other problem he pointed to was the cottage industries pushing their solutions to identity theft and privacy protection.

â€œThese cottage industries are creating a myth and things are really bad, and tout their products to solve privacy protection issues that canâ€™t be guaranteed,â€ he noted. As one example he pointed to was a company advertising a guarantee that the consumerâ€™s name would not be on any lists for telemarketing. â€œHow can they tell a consumer that no telemarketer will call them? It causes more uncertainty in the minds of consumers about the problem,â€ he said.

Financial institutions should consider educating their customers about the problems surrounding identity theft, credit card fraud, and other types of scams. â€œThe erosion of consumer trust must be addressed in the industry,â€ he said.

The stronger authentication methods required for online transactions at financial institutions does help increase the trust among online banking customers, and he likes the idea of having a single identification card for all types of transactions, like a national identification card. â€œThough this conjures up the film noire scene of the soldiers stopping people boarding a train asking for identification papers, so it may be some work to gain acceptance of American consumers,â€ he said.

Based on a study that the Ponemon Institute did last year on consumer perceptions, how people feel about authentication, identification cards and identity theft vary widely. â€œBut people are tired of having to remember 20 passwords,â€ he said.

Ponemon cautioned financial institutions to keep the confidence level high among their customer base. â€œThe most trusted banks, from our report on top banks for privacy, shows that institutions such as Wachovia, Washington Mutual, National City, U.S. Bank and Bank of America stress the privacy of their customersâ€™ identities and account information,â€ he said.

The "2007 Consumer Survey on Data Security" by the Ponemon Institute, found that 62 percent of the respondents have been notified that their confidential data has been lost.

The high percentage of individuals that have been notified of a data loss event has contributed to increased security concerns, as the vast majority of those notified reported concern about the event. "Our research clearly shows that data breaches are affecting consumersâ€™ trust in the organizations with which they share their data and, ultimately, their buying behavior,â€ These data breaches have had a direct impact on consumer buying behavior, including reluctance to use their credit or debit card to make a purchase with a Web merchant they donâ€™t know, and unwillingness to provide their Social Security number online.

â€œThere a few big picture items in the study for financial institutions to ponder. One is that the average consumer has a different view of data breaches, and where theyâ€™re occurring. Financial institutions and brokerages are held to a higher standard, than say a retailer like TJX,â€ Ponemon noted. â€œFor whatever reason, consumers tend to hold certain groups [financial institutions] to a higher standard.â€

About the Author

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.